Monday, January 25, 2010

5. SELinux With Baisc Linux Commands


    The following commands with "-Z" reveals along with the context information specifically for each commands.
  • ps -Z
  • ls -Z
  • cp -Z
  • id -Z
  • mv -Z
# id
uid=500(user1) gid=500(user1) groups=500(user1) context=user_u:system_r:unconfined_t
or
# id -Z
user_u:system_r:unconfined_t
This shows the information about the user ID and the context information of the user(SELinux label of user). i.e,  id -Z reveals current security context of users
# ps -Z
Shows the ps run by the user and the labeling information of each process. i.e, ps -Z reveals various domains in Tupals[SUBJECTS].
# ls -Z
Reveals the security context of files/directories[OBJECTS]
# cp
Copying a file will result in inheriting the targeted folder type context. Make sure that the context is verified once the file has been copied.
# mv
Moving a file will preserve the security context.